Who We Are:
At Brooks, we believe movement is the key to feeling more alive. That’s why we’re driven to create gear and experiences that take people to the place that makes them feel more alive — whether it’s a headspace, a feeling, or a finish line.
Everyone who works at Brooks is propelled by a company culture that sparks excitement, fuels collaboration, inspires creativity, and ignites innovation.
Our brand values help bond us together and drive our success:
- Runner First
- We act in the best interest of the runner
- Word is Bond
- We do what we say we’ll do
- Champion Heart
- We give our all in everything we do
- There is no “I” in Run
- We stay generous with our humanity
- Keep Moving
- We find ways to move every day, because joy is kinetic!
We welcome everyone from every walk of life looking to inspire others through the power of movement - because we’re all moving towards something. Let’s run there.
Your Job:
The mission of the Information Security Team is to manage Information Security risk at Brooks including availability of systems, confidentiality and integrity of data, privacy, and compliance with relevant laws and regulations. We are seeking a security professional to detect and respond to security threats. As a Brooks Information Security Operations Center (SOC) Analyst, you will primarily be responsible for day-to-day defense of enterprise technologies, computing assets and network infrastructure. You will conduct ongoing threat detection using logs and signals from multiple sources including network, host-based, endpoint security, and phish reports, ensuring the confidentiality, integrity and availability of critical information systems and resources.
You will correlate activity across assets and environments to identify patterns of anomalous activity and prevent abuse. This role requires understanding of core infrastructure concepts such as common operating systems, networking, storage and how systems interact as well as learning how the business operates in order to triage threats based on potential impact. You will perform incident response to identify, contain, and mitigate attacks.
Keys to success in this role include a sense of curiosity and a strong desire for continuous improvement of our security program and your own professional skills. If you are passionate about keeping current on security-related technical trends and excited to work with some of the most talented, creative, and innovative people, using the latest software, technologies, and sourcing solutions to ensure the protection of all systems and services deployed over a globally expanding network, then we are looking forward to hearing from you
Responsibilities:
Incident Handling and Response
Investigate and respond to suspicious email threats while continuously improving detection rules, user reporting workflows, and phishing defense capabilities based on observed attack patterns and trends
Thoroughly investigate and respond to cyber events and incidents, applying advanced analytical techniques to determine root cause, scope impact, and coordinate containment, eradication, and recovery efforts.
Learn, refine, maintain, and operationalize incident response playbooks while also remaining curious and exercising advanced technical knowledge and judgement appropriate to each situation, ensuring consistent execution during incidents and incorporating lessons learned to improve response effectiveness.
Document, refine, and automate security processes using SOAR capabilities to improve response efficiency, consistency, and scalability across incident handling workflows
Gap Analysis and Remediation
Work within purple team to test detection of attacker TTPs and tune out false positive results. This involves understanding the steps threat actors would take to compromise our systems and where each of our controls might prevent, detect, or alert to this activity and testing to validate the desired control activity is achieved without generating excessive false positives.
Recommend security solutions and practices that protect company services and assets and assist engineers in the implementation.
Maintain Situational Awareness
Ensure logs from all appropriate systems are being ingested to ensure Continuous Monitoring and Anomaly Detection and/or Forensic Investigations can find all malicious behavior
Work with business stakeholders to make sure accounts and privileges are properly maintained throughout their lifecycle to ensure the principles of least privilege are followed.
Maintain a current awareness of information security issues and trends that are relevant to the Brooks ecosystem in order to understand how emerging threats and technologies might impact the security and availability of Brooks
Maintain professional security certifications and accreditations
Other responsibilities as required
Qualifications:
Bachelor’s degree or equivalent education and experience
5 years information technology experience
Minimum 1 year in a SOC analyst or incident response role
Possess excellent analytical skills and keen attention to detail in execution of tasks, while still seeing the big picture and maintaining curiosity of additional elements that should be investigated
Knowledge of the MITRE ATT&CK framework and common cyber threat attack paths
Use business knowledge, innovative thinking, and sound judgment to resolve problems and challenges
Strong written communication skills – able to clearly document incident investigation work
Practical knowledge of corporate computing environments
Ability to communicate technical subject matter to non-technical individuals for security awareness training
Ability to prioritize and organize tasks in a dynamic business environment
Able to accomplish goals while working as a member of a team or independently
Knowledge of security best practices
Preferred Qualifications:
Professional certification such as CySA+, Security+, or GSEC
Hands on experience with and knowledge of Palo Alto Security tools
Knowledge of Information Technology Infrastructure Library (ITIL) standards and processes
Experience configuring infrastructure systems and knowledge of network protocols